FROM eclipse-temurin:17-jre-alpine
WORKDIR /app

# 定义构建参数，用于自定义端口
ARG PORT=8080

LABEL maintainer="admin@163.com"

LABEL description="Spring Boot Application.api interface for the Spring Boot Application"

# 安装sudo并创建具有root权限的用户
RUN apk add --no-cache sudo && \
    addgroup -S appgroup && \
    adduser -S appuser -G appgroup && \
    echo "appuser ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/appuser && \
    chmod 0440 /etc/sudoers.d/appuser && \
    mkdir -p /app/logs /app/data /tmp/spring && \
    chown -R appuser:appgroup /app /tmp/spring

# 复制本地已构建好的jar文件
COPY --chown=appuser:appgroup ./target/*-exec.jar /app/app.jar

# 设置环境变量
ENV JAVA_OPTS="-Xms128m -Xmx256m"
ENV SPRING_PID_FOLDER=/tmp/spring
ENV SERVER_PORT=${PORT}

# 切换到具有root权限的用户
USER appuser:appgroup

# 暴露端口（可通过构建参数自定义）
EXPOSE ${PORT}

# 启动应用
ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -Dserver.port=$SERVER_PORT -jar /app/app.jar"]

